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DETAILED ACTION 

1 . In response to applicant's amendments filed 03/31/2008 Claims 1-15 are pending 
in this application. 



Claim Objections 

2. The following are objected to fro minor informalities: 

a. In claim 8, the statement "said hash ID with modified content is not 
recognized by an inquiring, other person's computer" is improperly stated. The 
examiner suggests "said hash ID with modified content is not recognized by an 
inquiring (by/of) the other person's computer" 

b. "the actual content" (claim 8, line 3) is objected to for lack of antecedent 
basis 

c. In claim 9, the statement "wherein an inquiring, other person's computer" 
is improperly stated. The examiner suggests an inquiring, (by/of) the other 
person's computer. 

d. "said modified content" (claim 9, lines 1-2) is objected to for lack of 

antecedent basis. 

e. In claim 9, the statement "...is detected, searches for downloading said 
hash ID" is improperly stated and it is unclear who or what carries out the 
searches. 



Claim Rejections - 35 USC §112 
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3. Claim 9 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. Specifically, claim 9 leaves off information pertaining to which 
computer inquires and what entity within the claimed invention "searches" 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the phor art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1-7 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
"Trusted Computing, Peer-To-Peer Distribution, and the Economics of Pirated 
Entertainment." Stuart E Schechter, Rachel A. Greenstadt, and Michael D Smith, 
Hereafter Schechter, in view of "Handbook of Applied Cryptography" Alfred J Menezes, 
Paul C. van Oorschot and Scott A. Vanstone, hereafter "Menezes." 

Regarding claim 1 , Schechter discloses computers which are pooled to form an internet 

file sharing site which make files available in randomly stored data records, each of 
which including proprietary content and metadata which includes at least one hash ID 
(Pg 1; Pg 6, lines 31-37; Pg 7, lines 9-13) 
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searching for the file to be protected on the internet saving at least the hash ID of each 
data record provided as a hit by at least one other person's computer (Pg 7, lines 20-23; 
Col 7, lines 38-39) 

answering the inquiries from other people's computers about the file to be protected, by 
providing a modified data record. (Pg 7, lines 10-19 note the misrepresented data in an 
integrity attack provides computers asking for the information with incorrect data) 
however Schechter does not disclose a method of generating a data record which is 
modified from the data record provided and which includes at least the saved hash ID 
and replacement content data linked to the saved hash ID which would work in a 
hashed environment. 

Menezes discloses generating a data record which is modified from the data record 
provided and which includes at least the saved hash ID and replacement content data 
linked to the saved hash ID (Chapters 9.7 - 9.7.4 Note all of the above attacks are used 
to find data which is more or less random noise yet is indistinguishable to a hash 
function in order to introduce altered and corrupt data into a hashed system) Because 
Schechter makes it apparent that integrity attacks are well known (Pg 7, lines 10-19) 
and introduces a hashed system, it would have been obvious to one of ordinary skill in 
the art at the time of the invention to combine the teachings of Schechter with the 
teachings of Menezes in order to produce an integrity attack which is capable of 
overcoming hashed systems. 
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Regarding claim 2, Schechter as modified discloses the step of entering and saving IP 
addresses of at least some of the other people's computers in the local database of 
one's own computer (Pg 6, lines 19-23; Pg 7, lines 10-19 Note the first scenario points 
out the use of IP address in recording traffic. In addition, computers must know where 
they're sending data to and thus must record IP addresses in some form in order to 
route information to its proper destination. This is made apparent by the disclosure of 
the network topology of Schechter) setting up a connection of one's own computer to 
the internet and starting the search by scanning for a search term on the other people's 
computer (Pg 7, lines 37-39 Note that peer-to-peer file transfer inherently entails setting 
up a connection to remote computers through the internet). 

While Schechter does not disclose entering at least one search term identifying the file 
to be protected, in a local database of one's own computer it should be appreciated that 
a file to be modified in order to perform an integrity attack such as that which is 
described in Schechter, first must be located and it would have been obvious to one of 
ordinary skill in the art to enter search terms into an operating system's find function 
such as that built into Microsoft Windows 2000 and XP. 

Regarding claim 3, Schechter as modified discloses one's own computer providing the 
modified data record belonging to the file to be protected, for downloading by the other 
people's computers designated by the saved IP addresses (Pg 7, lines 9-13 Note that 
"one's computer" in this case is equivalent to the attacker's computer and the above 
combined method yields an integrity attack capable of overcoming hashing functions). 
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Regarding claim 4, Schechter discloses the hash ID of each data record provided by 
another person's computer as a hit is compared with the saved hash IDs, and hits for 
which the result of comparison is positive are not further processed into a modified data 
record. (Pg 7, lines 20-24 Note that content not matching a hash is thrown out and re- 
downloaded) 

Regarding claim 5, Schechter does not disclose the IP address of one's own computer 
being altered, however the DHCP protocol for determining IP address provides a 
method for easily setting up an internet connection which takes out IP "timeshares" 
which are regularly updated, and being well known in the art at the time of the invention, 
it would have been obvious to one of ordinary skill in the art at the time of the invention 
to use DHCP to establish their internet connection. 

Regarding claim 6, Schechter discloses inquiries by other people's computers about the 
file to be protected being logged (Pg 6, lines 19-23 It should be noted that evidence for 
litigation includes logged traffic information and thus logging would be either inherent in 
the description of Schechter or obvious to one of ordinary skill in the art at the time of 
the invention). Schechter does not disclose logging being in anonymous form, however 
in order to prevent an attacker from gaining a known identity which could then be 
detected, it would have been obvious to one of ordinary skill in the art at the time of the 
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invention to use identity obscuring methods to remain anonymous when gathering 
logging information. 

Regarding claim 7, Schechter does not disclose searching for the content to be 
protected only being done up to a predetermined expiry date, however because the 
computational power of any attacker is limited, it should be appreciated that any number 
of metrics for determining when to cut off an attack would have been obvious to use 
such as number of downloaders, timestamp or date, quality rating, etc. all of which are 
readily available to those using file sharing sites. Because of limited computing it 
therefore would have been obvious to one of ordinary skill in the art to set a point based 
upon a known metric to cut off an attack. 

Regarding claim 8, claim 8 is rejected for substantially the same reason as claim 1 
above. (Note that because the hash functions are the method of detecting corrupted 
files, injecting content with a hash collision would not be detectable without inspecting 
its content.) 

Regarding claim 9, claim 9 is rejected for substantially the same reason as claim 1 
above. 

Regarding claim 10, claim 10 is rejected for substantially the same reason as claim 2 
above. (Note IP address must inherently be stored to send any information to any 
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computer using the IP networl<ing protocol and this would be used to carry out the 
above mentioned integrity attack.) 

Regarding claim 1 1 , claim 1 1 is rejected for substantially the same reason as claim 1 
above. (Note Schechter discloses both the attacker and users on the network in his 
disclosure.) 

Regarding claim 12, claim 12 is rejected for substantially the same reason as claim 5 
above. 

Regarding claim 13, claim 13 is rejected for substantially the same reason as claim 1 
above. (Note the disclosed hash attacks deal exactly with replacement data.) 

Regarding claim 14, claim 14 is rejected for substantially the same reason as claim 1 
above. Note that the disclosure of Schechter provides hashes to deal with either the 
data itself or the operation of the peer to peer network and attacking a hashed file 
dealing with the network topology would reroute traffic. 

Regarding claim 15, claim 15 is rejected for substantially the same reason as claim 14 
above. Note in addition attacking a hashed file with data inside would invalidate such 
data. 



Application/Control Number: 1 0/584,01 1 Page 9 

Art Unit: 2169 

Response to Amendment 

The arguments presented by applicant are considered and deemed to be persuasive, a 
new grounds of rejection is presented above. 

Conclusion 

5. The prior art made of reference in this case is as follows: 

a. "Trusted Computing, Peer-To-Peer Distribution, and the Economics of 
Pirated Entertainment." Stuart E Schechter, Rachel A. Greenstadt, and Michael 

D Smith (May 29, 2003) 

b. "Handbook of Applied Cryptography" Alfred J Menezes, Paul C. van 
Oorschot and Scott A. Vanstone (August 1997) 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Bruce A. Witzenburg whose telephone number is 571- 
270-1908. The examiner can normally be reached on M-F 9:00 - 6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, AN Mohammed can be reached on 571-272-4105. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

BW 

/Mohammad AN/ 

Supervisory Patent Examiner, Art Unit 2169 



